Post Syndicated from jake original https://lwn.net/Articles/1007032/

Visitors to the freedesktop.org
GitLab instance are currently being greeted with a message noting that
the company who has been hosting it for free for nearly five years, Equinix, has
asked that it be moved (or start being paid for) by the end of April. The
issue
ticket opened by Benjamin Tissoires in order to track the planning of a move is clear that the project is grateful for
the gift:
“First, I’d like to thank Equinix Metal for the years of support they gave us. They were very kind and generous with us and even if it’s a shame we have to move out on a short notice, all things come to an end.”

The current cost for the services, much of which is for 50TB of bandwidth data transfer
per month and a half-dozen beefy servers for running continuous-integration
(CI) jobs, comes to around $24,000 per month. Tissoires believes that the
project should start paying for service somewhere, in order to avoid
upheaval of this sort, sometimes on short or no notice. “I personally
think we better have fd.o pay for its own servers, and then have sponsors
chip in. This way, when a sponsor goes away, it’s technically much simpler
to just replace the money than change datacenter.” Various options are
being discussed there, but any move is likely to disrupt normal services
for a week or more.

Post Syndicated from jake original https://lwn.net/Articles/1006978/

Security updates have been issued by AlmaLinux (redis:7), Debian (bind9, chromium, flightgear, pam-u2f, and simgear), Red Hat (fence-agents, git-lfs, libsoup, python3.9, rsync, and traceroute), Slackware (bind), SUSE (apache2-mod_security2, corepack22, go1.24, hplip, ignition, iperf, kernel, kernel-devel-longterm, nginx, nodejs22, openvpn, owasp-modsecurity-crs, and shadow), and Ubuntu (bind9, jinja2, libxml2, linux-lowlatency-hwe-6.8, php7.0, tomcat6, and vlc).

Post Syndicated from jake original https://lwn.net/Articles/1006261/

Security updates have been issued by AlmaLinux (git-lfs, java-17-openjdk, java-21-openjdk, kernel, and python-jinja2), Debian (git and git-lfs), Fedora (buildah, chromium, containers-common, freeipa, glibc, golang, mediawiki, pam-u2f, podman, and rsync), Mageia (glibc, iperf, openssl, phpmyadmin, and poppler), Oracle (firefox, git-lfs, grafana, java-17-openjdk, java-21-openjdk, kernel, python-jinja2, and redis:6), and SUSE (chromium, go1.22-1.22.11-1.1, go1.23-1.23.5-1.1, go1.24-1.24rc2-1.1, java-11-openjdk, kernel, libopenssl-3-devel, libQt6Bluetooth6, nodejs18, nodejs20, python311-azure-storage-blob, qt6-connectivity, and ruby3.4-rubygem-nokogiri-1.18.2-1.1).

Post Syndicated from jake original https://lwn.net/Articles/1006006/

Greg Kroah-Hartman has released the 6.12.11, 6.6.74, 6.1.127, and 5.15.177 stable kernels. They all contain
important fixes, as is the usual case.

Post Syndicated from jake original https://lwn.net/Articles/1005946/

Security updates have been issued by AlmaLinux (redis:6), Debian (frr and git-lfs), Fedora (SDL2_sound and webkit2gtk4.0), Gentoo (firefox, GPL Ghostscript, libgsf, libuv, PHP, Qt, QtWebEngine, and Yubico pam-u2f), Mageia (chromium-browser-stable), SUSE (helmfile, nvidia-modprobe, qt6-webengine, ruby3.4-rubygem-actioncable-8.0-8.0.1-1.1, ruby3.4-rubygem-actionpack-8.0-8.0.1-1.1, ruby3.4-rubygem-actiontext-8.0-8.0.1-1.1, ruby3.4-rubygem-actionview-8.0-8.0.1-1.1, ruby3.4-rubygem-activejob-8.0-8.0.1-1.1, ruby3.4-rubygem-activerecord-8.0-8.0.1-1.1, ruby3.4-rubygem-activestorage-8.0-8.0.1-1.1, ruby3.4-rubygem-rails-8.0-8.0.1-1.1, and ruby3.4-rubygem-railties-8.0-8.0.1-1.1), and Ubuntu (bluez, openjpeg2, and python-django).

Post Syndicated from jake original https://lwn.net/Articles/1005000/

The proposal to add a more general facility for string formatting to
Python, which we looked at in August 2024,
has changed a great deal since, so it merits another look. The
changes take multiple forms: a new title for PEP
750 (“Template Strings”), a different mechanism for creating and using templates,
a new Template type to hold them, and several additional authors for the PEP.
Meanwhile, one controversial part of the original proposal, lazy evaluation
of the interpolated values, has been changed so that it requires an
explicit opt-in (via lambda);
template strings are a generalization of f-strings and lazy evaluation was seen by some
as a potentially confusing departure from their behavior.

Post Syndicated from jake original https://lwn.net/Articles/1005638/

Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, ipa, and NetworkManager), Debian (389-ds-base, busybox, libreoffice, rsync, ruby2.7, tomcat10, and tryton-server), Fedora (chromium and stb), Mageia (openafs and vim), Oracle (.NET 8.0 and .NET 9.0), SUSE (amazon-ssm-agent, chromedriver, git, golang-github-prometheus-prometheus, govulncheck-vulndb, grafana, hplip, pam_u2f, perl-Compress-Raw-Zlib, perl-IO-Compress, redis, redis7, rsync, and velociraptor), and Ubuntu (libpodofo and linux-xilinx-zynqmp).

Post Syndicated from jake original https://lwn.net/Articles/1005292/

Security updates have been issued by AlmaLinux (fence-agents, raptor2, and rsync), Debian (chromium), Fedora (rsync and seamonkey), Mageia (openjpeg2), Red Hat (tuned), Slackware (git), SUSE (dcmtk, dnsmasq, govulncheck-vulndb, libQtWebKit4, libraptor-devel, opera, python311-Pillow, python311-translate-toolkit, rsync, and SDL2_sound-devel), and Ubuntu (linux-raspi-5.4, neomutt, and python2.7).

Post Syndicated from jake original https://lwn.net/Articles/1004996/

The blog of the SeaMonkey
project, which develops an all-in-one internet application suite based
on Mozilla code, has reported the sad news of the sudden
passing of Bill Gianopoulos (“WG9s”)
on January 6 (obituary). He was a core developer and
release engineer for the project.

Post Syndicated from jake original https://lwn.net/Articles/1004962/

Security updates have been issued by AlmaLinux (dpdk, firefox, iperf3, thunderbird, and webkit2gtk3), Debian (firefox-esr, gnuchess, node-mocha, openafs, python-django, and thunderbird), Fedora (libxmp, python-jinja2, suricata, thunderbird, and xen), Mageia (avahi, libjxl, opencontainers-runc, radare2, rizin, and tinyproxy), Oracle (cups, dpdk, firefox, iperf3, kernel, thunderbird, and webkit2gtk3), SUSE (apptainer, chromedriver, dnsmasq, govulncheck-vulndb, gstreamer, gstreamer-plugins-base, gstreamer-plugins-good, logback, and python311-slixmpp), and Ubuntu (libxmltok, linux-realtime, roundcube, and snapd).

Post Syndicated from jake original https://lwn.net/Articles/1004548/

The 6.12.9, 6.6.70, 6.1.124, 5.15.176, 5.10.233, and 5.4.289 stable kernels have been released.
As usual, they contain important fixes all over the kernel tree.

Post Syndicated from jake original https://lwn.net/Articles/1004543/

Security updates have been issued by AlmaLinux (cups, kernel, and kernel-rt), Debian (chromium, firefox-esr, and webkit2gtk), Fedora (curl, firefox, gimp, mupdf, openjpeg2, and valkey), Red Hat (389-ds-base, cups, firefox, iperf3, kernel, kernel-rt, libreswan, python3.11-urllib3, thunderbird, and webkit2gtk3), Slackware (firefox, seamonkey, and thunderbird), SUSE (apptainer, firefox-esr, libopenjp2-7, libruby3_4-3_4, openjpeg2, and tomcat10), and Ubuntu (firefox, linux-azure, linux-azure, linux-azure-4.15, linux-azure, linux-azure-6.8, linux-azure, linux-intel-iotg-5.15, linux-azure-5.15, python2.7, thunderbird, and xfpt).

Post Syndicated from jake original https://lwn.net/Articles/1001929/

During EmacsConf 2024, which
was held online in early December 2024, Ramin Honary gave a talk about Project
Gypsum, which is his effort to rewrite Emacs in Scheme. Unlike most other Emacs clones,
which simply replicate the key bindings, Gypsum is also implementing Emacs
Lisp (or Elisp). Honary is initially targeting Guile, which is an
implementation of Scheme, but wants to make the code portable
to any implementation of R7RS Scheme.

Post Syndicated from jake original https://lwn.net/Articles/1004262/

Security updates have been issued by Fedora (ofono and webkitgtk), Mageia (ruby and virtualbox & kmod-virtualbox), Red Hat (oci-seccomp-bpf-hook and runc), SUSE (corepack22, dpdk, libpoppler-cpp1, pcp, python-Jinja2, and sysstat), and Ubuntu (tinyproxy).

Post Syndicated from jake original https://lwn.net/Articles/1003984/

Greg Kroah-Hartman has announced the release of the 6.12.8, 6.6.69, and 6.1.123 stable kernels. They contain
important fixes throughout the kernel tree, as usual.

Post Syndicated from jake original https://lwn.net/Articles/1003983/

Security updates have been issued by Red Hat (container-tools:rhel8) and SUSE (liboqs, oqs-provider and python-Jinja2).

Post Syndicated from jake original https://lwn.net/Articles/1003768/

Security updates have been issued by Debian (gst-plugins-good1.0 and opensc), Fedora (iwd and libell), and SUSE (chromium, govulncheck-vulndb, and poppler).

Post Syndicated from jake original https://lwn.net/Articles/1003547/

Continuing its tradition of yearly major releases on December 25, the Ruby programming-language project
has released
Ruby 3.4.0 (followed quickly by 3.4.1,
which simply updates the version number). Ruby 3.4 includes lots of
changes, including the addition of it as a
less-confusing shorthand for _1 as a block parameter, switching to
Prism as the default
parser, adding the Happy Eyeballs
version 2 algorithm to the socket library,
just-in-time (JIT) compiler (YJIT) improvements, garbage-collection
modularization, and more.

Post Syndicated from jake original https://lwn.net/Articles/1003542/

Security updates have been issued by Debian (fastnetmon, webkit2gtk, and xen), Fedora (sympa), Oracle (postgresql), and Red Hat (pcp, tigervnc, and xorg-x11-server and xorg-x11-server-Xwayland).

Post Syndicated from jake original https://lwn.net/Articles/1002340/

In the past, suspensions of Python core developers have effectively been
permanent because the recipients of the punishment chose not to return.
Things have played out quite differently after Tim Peters was suspended for three months back in August;
Peters has been posting to the Python discussion forum since his suspension
ended in early November and, generally, getting back to work as usual.
That does not mean that he—or others in the community—have accepted the way
he was treated, but he has largely made his peace with it. The incident is
still reverberating through the Python world, however.